-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Antonio Olivares wrote: > Dear all, > > after applying the updates, I encountered the following avc courtesy of setroubleshooter: > > > Summary: > > SELinux is preventing dbus-daemon-lau (system_dbusd_t) "execute" > kerneloops_exec_t. > > Detailed Description: > > SELinux denied access requested by dbus-daemon-lau. It is not expected that this > access is required by dbus-daemon-lau and this access may signal an intrusion > attempt. It is also possible that the specific version or configuration of the > application is causing it to require additional access. > > Allowing Access: > > You can generate a local policy module to allow this access - see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable > SELinux protection altogether. Disabling SELinux protection is not recommended. > Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 > Target Context system_u:object_r:kerneloops_exec_t:s0 > Target Objects kerneloops [ file ] > Source dbus-daemon-lau > Source Path /lib/dbus-1/dbus-daemon-launch-helper > Port <Unknown> > Host riohigh > Source RPM Packages dbus-1.2.4.4permissive-4.fc11 > Target RPM Packages > Policy RPM selinux-policy-3.6.7-1.fc11 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall > Host Name riohigh > Platform Linux riohigh 2.6.29-0.197.rc7.fc11.i586 #1 SMP > Tue Mar 3 23:01:11 EST 2009 i686 athlon > Alert Count 1 > First Seen Wed 04 Mar 2009 07:46:21 PM CST > Last Seen Wed 04 Mar 2009 07:46:21 PM CST > Local ID 71016152-e696-4ba1-af79-497748fd156b > Line Numbers > > Raw Audit Messages > > node=riohigh type=AVC msg=audit(1236217581.391:21): avc: denied { execute } for pid=3241 comm="dbus-daemon-lau" name="kerneloops" dev=sda5 ino=8699 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:kerneloops_exec_t:s0 tclass=file > > node=riohigh type=SYSCALL msg=audit(1236217581.391:21): arch=40000003 syscall=11 success=no exit=-13 a0=9c95e20 a1=9c95de8 a2=9c95008 a3=9c98368 items=0 ppid=3240 pid=3241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="dbus-daemon-lau" exe="/lib/dbus-1/dbus-daemon-launch-helper" subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 key=(null) > > > > > Thanks, > > Antonio > > > > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Should be fixed in todays policy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmv3Z0ACgkQrlYvE4MpobMpHACgoI4FTsH8DgETgfi6zJvXYzFx lGoAn2JLlGadrNoJt3MAP5td51oVqcGC =1hRl -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
